Sending passwords over the network
is a recognized security risk, since passwords can be viewed by anyone
using a network analyzer to inspect packet contents, yet many user authentication
systems still do this  most, fortunately, in an encrypted form.
Today, most authentication schemes allow for encrypting the
password before sending it over the wire, or using some sort of
challenge/response system that doesnt require transmitting
the password at all. Some legacy technologies like telnet
logins, however, do not encrypt the password prior to transmission.

Yes, telnet really does send the
password out onto the Internet without encrypting it. This is one reason
that vanilla telnet and rlogin logins, common when dealing
with Linux and UNIX systems, are being phased out in favor
of ssh (Secure Shell) logins.

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Network+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!